The devel/libusb1 package is masked for both DragonFly and SunOS. This
cups package set libusb on by default which means cups fails to build
with no set options on those two platforms.
Add an OPSYS check which prevents libusb from even being offered as an
option on DragonFly and SunOS.
- Documentation updates (STR #4112, STR #4130, STR #4134)
- Fixes for libusb-based USB backend (STR #4128)
- The lpq command did not show the owner or title of jobs unless passed
a username on the command-line (STR #4135)
- Localized empty strings contained the message catalog metadata
(STR #4119)
- Fixed a crash in the libusb-based USB backend (STR #4099)
- The cups-lpd mini-daemon no longer handled jobs with multiple copies
(STR #4118)
- Multiple libusb backend fixes (STR #4098, STR #4100)
- The IPP backend no longer tries to get the job status for printers
that do not implement the required operation (STR #4083)
- Sending a document in an unsupported format to an IPP printer now
automatically cancels the job (STR #4093)
- Fix some error reporting issues when printing from /dev/null and
other unusual situations (STR #4015)
- The scheduler now sets the CUPS_MAX_MESSAGE environment variable for
filters (STR #4074)
- Fixed a build issue when using older versions of autoconf (STR #4084)
- The IPP backend now treats the client-error-not-possible status code
as a job history issue, allowing IPP printing to Windows to work
(STR #4047)
- The IPP backend incorrectly included the document-format and
compression attributes in Create-Job requests (STR #4086)
- The libusb-based USB backend did not work on non-Linux platforms
(STR #4088)
- httpReconnect() did not reset the read/write buffers (STR #4065)
- Compiling without threading support failed (STR #4060)
- Fixed compile problem with old versions of OpenSSL (STR #4036)
- The network backends did not check SNMP supply levels regularly
(STR #4040)
- The online help always included the "help on help" text (STR #4042)
- Fixed a SSL handshake issue on OS X (STR #4045)
- The scheduler could crash if a PPD file contained an invalid paper
size (STR #4049)
- The CUPS polling daemon did not reinitialize its connection to the
remote server on errors in all cases (STR #4031)
- PostScript auto-configuration was slow and unreliable with some
printers (STR #4028)
- Missing localizations caused empty output (STR #4033)
- The cups-driverd program could temporarily "forget" a PPD file if it
was updated in place.
- The dnssd backend now prefers IPPS over IPP.
- The USB backend now uses and requires LIBUSB 1.0 or later (STR #3477)
- The LIBUSB-based USB backend now supports the back-channel (STR #2890)
- Changed how timeouts are implemented in the LPD backend (STR #4013)
- Added more supported color names for SNMP supplies (STR #3981)
- The default InputSlot setting was never used (STR #3957)
- POSIX ACLs are now set properly on certificate files (STR #3970)
- Supplies with commas in their names were not reported correctly
(STR #4020)
- The cupsGetPPD3() function created a temporary file when one was not
needed (STR #4018)
- The scheduler now ensures that job notifications contain a value for
the notify-printer-uri attribute (STR #4014)
- The lp and lpr commands did not cancel jobs queued from stdin on an
error (STR #4015)
- Fixed the IPP backend's handling of HTTP/1.0 compatibility (STR #3988)
- The IPP backend did not always setup username/password authentication
for printers (STR #3985)
- The IPP backend no longer re-queues print jobs that are too large for
the printer/server (STR #3977)
- The RPM spec file did not work (STR #4021, STR #4057)
- Encryption did not work when the server name ended with "."
(STR #4011)
- The multi-purpose tray is now mapped to the IPP "by-pass-tray"
(STR #4009)
- The correct media size was not always passed to IPP printers
(STR #4001)
- Finishing options were not passed to IPP printers (STR #3995)
- Fixed iCloud-based Back to My Mac printing (STR #3996)
--------------------
CHANGES IN CUPS V1.5.2
- Reposted what should have been CUPS 1.5.1.
CHANGES IN CUPS V1.5.1
- Documentation updates (STR #3885, STR #3886, STR #3946, STR #3969)
- Localization updates (STR #3840, STR #3989, STR #3997)
- Build fixes (STR #3956, STR #3999)
- The SNMP backend did not validate the device URIs reported by printers
(STR #4004)
- cupsBackendReport() did not handle newlines in 1284 Device IDs
(STR #4005)
- USB backend fixes for libusb (STR #3965, STR #3978)
- The DBUS notifier did not validate string parameters (STR #3984)
- Group quota ACLs did not work with Kerberos (STR #3972)
- The IPP backend did not retry when a printer responded with
client-error-not-possible (STR #3963)
- PostScript PPDs with filters used the wrong command filter (STR #3973)
- The scheduler incorrectly used free() on a POSIX ACL value, which
could cause a crash (STR #3970)
- PPD files using the MacStandard encoding did not work.
- The web interface did not work on some platforms (STR #3902)
- The lpstat command would crash when then "-u" option was used by a
non-administrator (STR #3953)
- Japanese supply level reporting did not always work.
- The DBUS notifier could crash (STR #3947)
- Relaxed some of the page size checks in cupstestppd.
- The ipptool program now reports attributes that are repeated within
the same attribute group.
- Updated the PWG raster support to match the current draft
specification.
- Fixed some IPP conformance issues in the scheduler.
- Added ipptool support for repeating requests.
- Added IPP/2.2 conformance tests and greatly improved the IPP/1.1,
IPP/2.0, and IPP/2.1 conformance testing.
- IPP messages containing mixed integer/rangeOfInteger values did not
work (STR #3942)
- The ipptool program now provides additional diagnostics for badly-
formatted responses (STR #3857)
- When possible, the IPP backend now stops sending job data early on a
cancel.
- cupsSendRequest and cupsWriteRequestData did not properly read all
HTTP headers, preventing authentication and encryption upgrades from
working in all cases.
- The client.conf Server directive is no longer supported on Mac OS X
10.7 and later.
- The IPP backend sent the wrong margins in media-col.
- The scheduler did not save or restore large Kerberos credentials for
jobs.
- The dnssd backend did not properly browse for secure IPP printers.
- httpAssembleURI* did not properly escape all special characters in the
username/password field.
- The scheduler now logs config file errors to stderr (STR #3936)
- The configure script incorrectly used bundle-based localizations on
Linux (STR #3938)
- The cups-driverd helper program did not cache .drv files properly,
sometimes leading to a crash (STR #3921)
- CUPS did not build on stock Mac OS X installations.
- Encryption was broken with OpenSSL.
- ipptool's XML output used date/time values with timezone offsets,
which are not supported by Mac OS X's NSDate class.
- Several programs did not support the cupsFilter2 keyword in PPD files.
- The IPP backend incorrectly reported spool-area-full states.
- cupsMarkOptions() did not protect against a bad PPD that was missing
one or more standard Duplex options.
- The PostScript filter did not mirror N-up output properly.
- The ipptool program did not validate UTF-8 strings in XML output.
- Fixed supply level reporting for some printers.
- The scheduler no longer automatically logs debug messages for jobs
that were held or canceled.
- The cupsSendRequest function did not flush remaining response data
from a previous request, leading to apparent chunking issues.
- The scheduler did not report the correct version in the Server: header
(STR #3903)
- The scheduler did not support 1284 device IDs reported by driver
interface programs longer than 127 characters (STR #3871)
- The image filters did not support loading images larger than the
RIPCache setting (STR #3901)
- "PAGE: total NNN" messages did not get logged properly (STR #3887)
- Updated the PWG Raster support to conform to the current draft of the
PWG Raster Format specification.
- The PWG Raster filter did not always write the correct number of
padding lines on the bottom of the page (STR #3904)
- When reporting a denial-of-service attack from the domain socket, the
address reported does not always contain the correct path (STR #3888)
- Badly formed GIF files could cause the image filters to crash
(STR #3914)
- Jobs canceled at the printer were retried by the IPP backend.
- "cupsfilter -u" deleted the input file instead of the PPD file.
- The scheduler did not compute the cost of PPD filters defined using
the cupsFilter2 keyword properly.
- The scheduler did not correctly support the maxsize() attribute for
PPD filters.
--------------------
CHANGES IN CUPS V1.5.0
- Documentation updates.
- Localization update (STR #3865)
- Needed to limit TLS to v1.0 on some versions of Mac OS X.
- The snmp backend did not work with some printers.
CHANGES IN CUPS V1.5rc1
- Compile fixes (STR #3849, STR #3850)
- The scheduler didn't check for empty values for several configuration
directives (STR #3861)
- ipptool didn't generate valid XML when a test was skipped.
- Added additional error checking to the 1284 device ID code (STR #3858)
- Fixed some compatibility issues migrating from the old usblp backend
to the libusb backend (STR #3860)
- Fixed the wake-from-sleep printing behavior on Mac OS X.
- The scheduler incorrectly allowed jobs to be held from a terminating
state.
- The cups-driverd program could crash when a PPD was renamed.
- The dnssd backend took too long to discover printers on large or busy
networks with the new default timeout used by lpinfo and the web
interface. This resulted in "lost" printers.
CHANGES IN CUPS V1.5b2
- Documentation updates.
- Localization updates (STR #3845)
- Compiler warning cleanup.
- Fixed PIE support for Linux (STR #3846)
- Made httpSetTimeout API public and use it in the IPP backend to avoid
timeout errors.
- The scheduler incorrectly set the "authenticated" printer-type bit for
remote queues using authentication.
CHANGES IN CUPS V1.5b1
- The CUPS library now supports per-connection HTTP timeouts and
callbacks.
- The CUPS library now supports (limited) SSL/TLS X.509 certificate
validation and revocation (STR #1616)
- Updated the PostScript filter to support IncludeFeature in more
circumstances (STR #3417)
- The schedule did not correctly parse some IPv6 addresses and masks in
the cupsd.conf file (STR #3533)
- Fixed a case-insensitive string comparison issue for locales that do
not treat "I" and "i" as equivalent (STR #3800)
- The scheduler reported an incorrect job-printer-uri value when sharing
was not enabled (STR #3639)
- The scheduler now allows the ServerAlias directive to contain multiple
hostnames separated by spaces or commas (STR #3813)
- The scheduler now sets the process group for child processes and
manages the group (STR #2829)
- Fixed some minor issues discovered by a Coverity scan (STR #3838)
- The scheduler now more carefully creates and removes configuration,
cache, and state files (STR #3715)
- The lpadmin command now allows default option values to be deleted
(STR #2959)
- The lpadmin command now allows the cupsIPPSupplies and
cupsSNMPSupplies keywords to be set in a PPD file (STR #3825)
- Moving a held job no longer releases it (STR #3839)
- Restored support for GNU TLS and OpenSSL with threading enabled
(STR #3605)
- Fixed a confusing error message from cups-polld (STR #3806)
- Increased the default RIPCache value to 128MB (STR #3535)
- MIME errors are now routed to the error_log file (STR #2410)
- Updated PDF filter to support new Ghostscript ps2write device
(STR #3766)
- Updated PDF filter to support new Poppler option to preserve page
sizes in PDF files when the user has not selected a particular media
size (STR #3689)
- Added new PWG Raster filter for IPP Everywhere printer support.
- Added job-uuid, printer-uuid, and subscription-uuid attributes.
- Added support for the cupsSingleFile PPD keyword.
- Dropped support for the printer-state-history attribute (STR #3654)
- Added support for a new cupsIPPSupplies keyword in PPD files to allow
drivers to disable IPP supply level reporting.
- Added support for a new cupsFilter2 keyword in PPD files to allow for
the propagation of the actual MIME media type produced by a filter.
- The scheduler did not always get the correct Kerberos username when
authenticating (STR #3670)
- Added new cupsRasterOpenIO function and CUPS_RASTER_WRITE_PWG to the
CUPS imaging library to support printing to IPP Everywhere raster
printers.
- The scheduler now provides default values for the pages-per-minute and
pages-per-minute-color attributes for PPD files that lack a
Throughput keyword.
- Email notifications did not work on Mac OS X.
- The cupstestppd program now shows an error for files missing a
CloseGroup keyword (STR #3668)
- Name resolution errors no longer cause queues to stop (STR #3719,
STR #3753)
- Added a new cups-exec helper program that applies security profiles
to filters, port monitors, backends, CGI programs, and mini-daemons.
- The web interface can now be disabled using the WebInterface directive
in cupsd.conf (STR #2625)
- The scheduler now provides privacy controls for jobs and subscriptions
(STR #2969)
- Added new cupsArrayNew3 API which offers memory management of array
elements.
- Added several new color spaces to the CUPS raster format (STR #3419)
- The Validate-Job operation now uses the same policy as Print-Job by
default.
- CUPS now uses iconv to implement all of its character encoding
support (STR #3097)
- The scheduler now implements the Cancel-Jobs, Cancel-My-Jobs, and
Close-Job operations along with the job-ids operation attribute from
PWG 5100.11.
- The main CUPS header (<cups/cups.h>) no longer includes the PPD header
(<cups/ppd.h>).
- The scheduler and CUPS API now support the print-quality job template
attribute.
- The scheduler no longer supports the old Mac OS X Server quota
plugin.
- The scheduler now allows writing to /Users/Shared from print filters
on Mac OS X.
- CUPS no longer supports the old ~/.cupsrc or ~/.lpoptions files from
CUPS 1.1.x. The ~/.cups/client.conf and ~/.cups/lpoptions files that
were introduced in CUPS 1.2 must now be used.
- The ipptest tool is now a first-class user program and has several
improvements along with new documentation (STR #3484)
- The cupstestppd tool now warns about non-unique filenames and
provides a way to ignore all filename warnings.
- Dropped support for the recoverable: and recovered: message prefixes.
- The scheduler now requires that filters and backends have group write
permissions disabled.
- The PPD compiler now checks for overlapping filenames when writing
PPD files.
- The HP-GL/2 filter is no longer included with CUPS (STR #3322)
- The SCSI backend is no longer included with CUPS (STR #3500)
CHANGES IN CUPS V1.4.8
- The scheduler would delete job data files when restarted (STR #3880)
- The network backends could crash if a printer returned a value of 0
for the maximum capacity for a supply (STR #3875)
CHANGES IN CUPS V1.4.7
- Documentation changes (STR #3710, STR #3720, STR #3745, STR #3750,
STR #3757, STR #3758, STR #3782, STR #3826, STR #3829, STR #3837)
- Web interface fixes (STR #3412, STR #3345, STR #3455, STR #3707,
STR #3755, STR #3769, STR #3783)
- Configure script fixes (STR #3659, STR #3691)
- Compilation fixes (STR #3718, STR #3771, STR #3774)
- The imageto* filters could crash with bad GIF files (STR #3867)
- The scheduler might leave old job data files in the spool directory
(STR #3795)
- CUPS did not work with locales using the ASCII character set
(STR #3832)
- httpAddrString() did not return a URI-style IPv6 numeric address
(STR #3814)
- Fixed an issue when reading compressed CUPS raster streams (STR #3812)
- Fixed an issue with PostScript printer auto-configuration (STR #3443)
- Fixed some compatibility issues with the libusb-based USB backend
(STR #3799)
- The network backends no longer try to collect SNMP supply and status
information for raw queues (STR #3809)
- The DBUS notifier did not report job state changes (STR #3805)
- The scheduler did not always report that the "normal" print-quality
value was supported (STR #3803)
- The gziptoany filter did not report the correct error if it was unable
to write the uncompressed document to the next filter or backend in
the chain (STR #3797)
- The Epson and Oki 9-pin drivers had a bad resolution option
(STR #3798)
- The scheduler did not always register the correct default ICC profile
on Mac OS X.
- The scheduler did not use the job owner when authorizing access for
the CUPS-Get-Document operation, preventing non-admins from accessing
their own jobs.
- CUPS did not work with some printers that incorrectly implemented the
HTTP/1.1 standard (STR #3778, STR #3791)
- The scheduler did not retry fax jobs properly.
- The scheduler now recognizes an empty cupsCommands PPD keyword as
meaning that CUPS commands are not supported for a printer (STR #3773)
- Fixed a crash bug in the scheduler when the application/octet-stream
MIME type was not defined (STR #3690)
- Polled printers were advertised more slowly than necessary (STR #3574)
- cupsResolveConflicts() did not handle resolving multiple UIConstraints
issues (STR #3705)
- The SetEnv and PassEnv directives had no effect (STR #3664)
- The web interface no longer tries to use multi-part delivery when
adding printers (STR #3455)
- The libusb-based USB backend printed slowly to the LaserJet 1300 and
other printers (STR #3405)
- "lp" and "lpr" failed to print with Kerberos enabled (STR #3768)
- The cupsctl program now displays an error if you try to directly set
the Port or Listen directives (STR #3749)
- PPD files with "*JobPatchFile: bla" no longer fail to load in relaxed
conformance mode (STR #3747)
- The scheduler generated a bad notify-text string for printer state
change notifications (STR #3739)
- The scheduler incorrectly updated printers.conf when it really needed
to update classes.conf or remote.cache (STR #3726)
- Hardwired remote printers with options did not work (STR #3717)
- Accessing the CUPS web interface using a CNAME-based hostname would
sometimes fail due to redirection to the actual hostname (STR #3701)
- Subscription events had a misspelled attribute (STR #3693)
- "make check" failed if LC_MESSAGES was set (STR #3765)
- Fixed the configure script to always look for the pkg-config script
(STR #3761)
- The scheduler now only looks up interface hostnames if HostNameLookups
are enabled (STR #3737)
- Fixed a compilation problem on DragonFly BSD (STR #3738)
- The default PageLogFormat value had the username and job ID swapped
from CUPS 1.3.x (STR #3727)
- The scheduler could crash if a browsed printer times out while a job
is printing (STR #3754)
- The scheduler incorrectly mapped custom page sizes to standard sizes
(STR #3764)
- cupsfilter and pstops did not map IPP attributes to PPD options due to
a change in cupsMarkOptions (STR #3756)
- The scheduler did not always show the most recent status message from
the print filters (STR #3731)
- The PostScript filter did not apply the mirror and number-up options
properly, leading to offset and clipped output (STR #3732)
- The network backends always reported "low toner" or "out of toner"
states, even for inkjet printers (STR #3733)
CHANGES IN CUPS V1.4.6
- Fixed a "make check" issue on Solaris (STR #3729)
- Regression: The pstops filter did not support landscape printing of
PostScript files (STR #3722)
- The scheduler killed retried (fax) jobs after restarting them
(STR #3697)
- The cupsAdminSetServerSettings() function disabled sharing when
debug logging was enabled (STR #3712)
CHANGES IN CUPS V1.4.5
- Documentation fixes (STR #3542, STR #3650)
- Localization fixes (STR #3635, STR #3636, STR #3647, STR #3666)
- Security: Fixed a memory corruption bug reported in CVE-2010-2941
(STR #3648)
- The CUPS API incorrectly mapped the HTTP_UNAUTHORIZED status to the
IPP_NOT_AUTHORIZED status code, when IPP_NOT_AUTHENTICATED would be
the correct mapping (STR #3684)
- The scheduler would restart jobs while shutting down (STR #3679)
- Fixed a PPD loader bug that could cause a crash in cupsd (STR #3680)
- Improved the mapping of non-standard PPD and PWG names (STR #3671)
- The scheduler did not initialize Kerberos in all cases (STR #3662)
- cupsAdminSetServerSettings duplicated Listen and Order lines
(STR #3645)
- Added DeviceN colorspace support to the CUPS Raster format (STR #3419)
- ppdMarkDefaults() did not clear the marked field of the previous
choices (STR #3642)
- The serial backend would not allow a raw job to be canceled
(STR #3649)
- The socket backend could go into an infinite loop with certain
printers (STR #3622)
- Setting the PRINTER or LPDEST environment variables to "name/instance"
did not work (STR #3485)
- The scheduler did not handle the JobRetryLimit setting properly
(STR #3466)
- The lpstat command always showed a remote job ID of 0 for shared
printers (STR #3627)
- Increased the write timeout for the libusb-based USB backend to 5
minutes (STR #3595)
- The libusb-base USB backend did not check whether the printer has a
serial number (STR #3590)
- The lpadmin command did not support setting of custom option values
(STR #3631)
- The lpadmin command did not support setting of the location or
description of a class (STR #3613)
- The cupsaddsmb command did not give up after too many failed attempts
(STR #3615)
- The CUPS library no longer uses certain problematic ctype macros that
change based on the locale's character set.
- PJL value substitution of more than 9 values was broken (STR #3621)
- Custom options with missing string values caused ppdEmit* to segfault
(STR #3620)
- Fixed an issue with the Italian version of the web interface
(STR #3624)
- Fixed the Solaris SMF configuration file for cups-lpd (STR #3611)
- The scheduler did not set the notify-subscribed-event attribute when
delivering printer-added or printer-modified events (STR #3608)
- The mailto notifier could get into an infinite loop (STR #3609)
- Date/time information was not shown in banner pages.
- Relational operators were broken in #if/#elif/#else/#endif expressions
for the PPD compiler.
- Moving a job via the web interface failed without asking for
authentication (STR #3559)
- The scheduler now clears the printer-state-reasons when the driver is
changed (STR #3570)
- The web interface did not allow a user to change the driver
(STR #3537, STR #3601)
- The scheduler was not setting the PATH_INFO environment variable when
needed (STR #3600)
- The scheduler incorrectly set the CUPSD_AUTH_TYPE environment
variable instead of AUTH_TYPE (STR #3599)
- Fixed a buffer overrun in the PPD compiler (STR #3594)
- Fixed some additional IPP job template attribute mapping issues in the
scheduler.
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
CHANGES IN CUPS V1.4.4
- Documentation updates (STR #3453, STR #3527, STR #3528, STR #3529)
- Security: The texttops filter did not check the results of allocations
(STR #3516)
- Security: The fix for CVE-2009-3553 was incomplete (STR #3490)
- Security: The web admin interface could disclose the contents of
memory (STR #3577)
- Security: CUPS could overwrite files as root in directories owned or
writable by non-root users (STR #3510)
- The cups-config utility did not return the correct linker options on
AIX (STR #3587)
- Fixed some IPP conformance issues with the scheduler's
ippget-event-life, operations-supported, output-bin, and sides
attributes (STR #3554)
- The OpenSSL interfaces have been made thread-safe and the GNU TLS
interface is explicitly forbidden when threading is enabled
(STR #3461)
- Fixed an IPP conformance issue with the scheduler's Send-Document
implementation (STR #3514)
- Added additional validation checks for the 1284 device ID (STR #3534)
- Fixed a problem with the RPM spec file (STR #3544)
- The lpstat command did not limit the job list to the specified
printers (STR #3541)
- The cupsfilter command did not set the RIP_MAX_CACHE environment
variable (STR #3531)
- Fixed support for media-col and page size variants (STR #3394)
- The PostScript filter did not support all media selection options for
the first page (STR #3525)
- The scheduler did not always remove job control files (STR #3425)
- The scheduler could crash on restart if classes were defined
(STR #3524)
- The scheduler no longer looks up network interface hostnames by
default on Mac OS X (STR #3523)
- ippWriteIO did not write collection (member) attributes properly in
all cases (STR #3521)
- The "cupsctl --remote-any" and corresponding web interface check box
(allow printing from the Internet) did not work reliably (STR #3520)
- The lpq and lpr commands would sometimes choose different default
printers (STR #3503)
- cupsDo*Request did not flush error text, leading to multiple issues
(STR #3325, STR #3519)
- cupsDoAuthentication did not cancel password authentication after 3
failures (STR #3518)
- Fixed several LDAP browsing bugs (STR #3392)
- The Dymo driver did not support copies (STR #3457)
- The scheduler did not update the classes.conf file when deleting a
printer belonging to a class (STR #3505)
- The lppasswd command did not use localized password prompts
(STR #3492)
- The socket backend no longer waits for back-channel data on platforms
other than Mac OS X (STR #3495)
- The scheduler didn't send events when a printer started accepting or
rejecting jobs (STR #3480)
- The web interface now includes additional CSRF protection (STR #3498)
-use-after-free problem (CVE-2010-0302)
-information disclosure (CVE-2010-1748)
-unchecked memory allocation is texttops
-file overwrite problem
(I didn't find references from cups patches to CVE #s, or vice versa,
so the CVE #s are not certain.)
The missing http session check problem (CVE-2010-0540?) is not fixed,
this would be a large patch affecting tens of files.
bump PKGREVISION
the shift from traditional ulpt(4)/usblp to libusb. Clarify that the
backend, when run without arguments, also prints out DeviceURIs of
traditional printers. PKGREVISION++.
ok sbd@
usb-backend-both-usblp-and-libusb.dpatch by <till.kamppeter@gmail.com>
http://www.cups.org/str.php?L3357
One "usb" CUPS backend for both libusb-based and usblp-based access.
Bump PKGREVISION.
* Add CUPS_CACHE and use it.
* Add CUPS_STATEDIR and add it to OWN_DIRS
* Move ${CUPS_CONFDIR}/certs to ${CUPS_STATEDIR}/certs
* Add ${CUPS_CACHE}/rss
* Use ${ROOT_USER} instead of ${CUPS_USER} for all OWN_DIRS_PERMS except
${CUPS_STATEDIR}/certs.
Adds the option acl, libusb and tcpwrappers.
CHANGES IN CUPS V1.4.3
- SECURITY: The scheduler could try responding on a closed client
connection, leading to a crash (STR #3200)
- SECURITY: The lppasswd program allowed the localization files to be
overridden when running in setuid mode (STR #3482)
- Localization updates (STR #3352, STR #3409, STR #3422, STR #3452,
STR #3473, STR #3502)
- Documentation updates (STR #3451, STR #3504)
- The IPP backend now sets the printer-state-message to "Ready to
print." at the end of a successful job (STR #3460)
- The PPD compiler did not correctly add the manufacturer to the output
filename when using the "-m" option (STR #3469)
- The IPP backend did not handle authentication properly for the Get-
Printer-Attributes operation (STR 3458)
- Getting SNMP values larger than 127 bytes did not work.
- IPP conformance: Get-Jobs has a default value for requested-attributes
(STR #3383)
- cupsPrintFiles() did not report all errors (STR #3449)
- cupsAddDest() could read freed memory (STR #3448)
- The DBUS notifier did not build (STR #3447)
- The scheduler would crash when an active printer was deleted.
- The snmp backend did not work with some printers (STR #3413)
- The web interface did not show the conflicting values when setting
options (STR #3440)
- Setting options in the web interface did not always work (STR #3439)
- The scheduler did not use the Get-Job-Attributes policy for a printer
(STR #3431)
- The scheduler added two job-name attributes to each job object
(STR #3428)
- CSS files would not print (STR #3442)
- The scheduler did not clean out completed jobs when PreserveJobHistory
was turned off (STR #3425)
- The web interface did not show completed jobs for a printer
(STR #3436)
- Authenticated printing did not always work when printing directly to
a remote server (STR #3435)
- The USB backend did not work on Solaris (STR #3423)
- cupstestppd didn't catch problems with JobPatchFile definitions
(STR #3421)
- The socket backend could crash if a SNMP string had a negative length.
- Fixed some termination issues with the USB backend on Mac OS X.
- The side-channel APIs did not handle interrupts properly.
- The network backends incorrectly cleared the media-empty-warning
state.
- The web interface did not allow users to successfully add serial
printers (STR #3391)
- cupsTempFd() did not work in some situations (STR #3382)
- Some C API headers were missing C++ wrapper logic.
- The PPD compiler did not localize single-language PPD options properly
(STR #3386)
- Modifying a printer from the web interface sometimes caused the wrong
driver to be selected (STR #3418)
- The scheduler did not handle out-of-memory conditions properly when
loading a job (STR #3407)
- When adding printers from the web interface, the dynamic updates of
the device list made it hard to pick a device (STR #3406)
- Fixed a typo in the web interface admin page template (STR 3403)
- The web interface did not preserve the "printer is shared" state when
modifying a printer (STR #3390)
- The PPD compiler incorrectly inserted translations of empty strings
(STR #3411)
- The scheduler did not reset the SIGPIPE handler of child processes
(STR #3399)
- cupsGetNamedDest() incorrectly returned the default printer if the
named printer did not exist (STR #3397)
- Fixed a GNU TLS error handling bug (STR #3381)
CHANGES IN CUPS V1.4.2
- SECURITY: The CUPS web interface was vulnerable to several XSS and
HTTP header/body attacks via attribute injection (STR #3367,
STR #3401)
- Fixed localization errors (STR #3359, STR #3372, STR #3380, STR #3387)
- The documentation for classes.conf and printers.conf did not provide
the correct instructions for manual changes (STR #3351)
- The scheduler did not always rebuild printer cache files when the
driver was changed (STR #3356)
- The documentation makefile failed to install localizations when using
newer versions of Bash (STR #3360)
- The configure script did not use the --with-xinetd value for the
default LPD configuration path (STR #3347)
- The configure script incorrectly required glib for DBUS support
(STR #3346)
- The cupstestppd program incorrectly reported filters with bad
permisssions as missing (STR #3363)
- The cups.desktop file used the wrong locale names (STR #3358)
- cupsSideChannelRead() did not return an error for short reads.
- The installed PAM configuration file did not use the correct options
with the pam_unix2 module (STR #3313)
- The scheduler did not preserve default options that contained special
characters (STR #3340)
- The scheduler did not remove old pre-filters when updating a printer
driver (STR #3342)
- The HP/GL-2 filter did not check for early end-of-file (STR #3319)
- The USB backend did not compile on some platforms (STR #3332)
- cupsSideChannelSNMPWalk() could go into an infinite loop with broken
SNMP implementations.
CHANGES IN CUPS V1.4.1
- Documention fixes (STR #3296)
- SNMP supply levels and states were wrong for some printers.
- The IPP backend did not update the auth-info-required value.
- The libusb-based USB backend would hang at the end of the job
(STR #3315, STR #3318)
- DNS-SD registrations for raw queues had an empty "ty" key (STR #3299)
- The JPEG and BMP MIME type rules were broken (STR #3284)
- cupsGetNamedDest returned the default printer when the named
destination did not exist (STR #3285)
- The JobKillDelay was not triggered for canceled jobs (STR #3292)
- The PPD compiler could get in an infinite loop (STR #3293)
- The configure check for dns-sd.h was broken (STR #3297)
- The "Query Printer for Default Options" page did not go away if the
query job was held (STR #3302)
- Boolean options did not show up as selected in the web interface
(STR #3303)
- The scheduler did not cache or report driver information files
correctly, leading to a variety of issues (STR #3283, STR #3297,
STR #3305)
- cupsDoIORequest() did not abort on permanent errors (STR #3311)
- Modifying a class in the web interface did not work (STR #3312)
- BrowseLocalProtocols could be cleared when changing the sharing
setting (STR #3287)
- The scheduler could return an empty supported document format
(STR #3308)
- The PPD compiler generated invalid PPD files when the locale used
something other than "." for the decimal point (STR #3300)
- The IPP backend did not handle some non-comforming IPP printer
implementations (STR #3262)
- The scheduler leaked three file descriptors to each job filter
(STR #3263)
- The scheduler now uses a default CUPS-Get-Devices timeout of 15
seconds (STR #3307)
CHANGES IN CUPS V1.4.0
- Localization updates (STR #3223, STR #3246, STR #3248, STR #3250)
- Documentation updates (STR #3225, STR #3230, STR #3242, STR #3260)
- The --with-pdftops configure option did not accept a full path to the
filter (STR #3278)
- The banner filter did not position the back side image correctly
(STR #3277)
- The dnssd backend could crash (STR #3272)
- The 1284 device ID sometimes contained trailing garbage (STR #3266)
- The USB backend returned different URIs for some printers than in
CUPS 1.3 (STR #3259)
- The scheduler did not do local job-hold-until processing for remote
queues (STR #3258)
- The scheduler did not try all possible SSL certificates on Mac OS X.
- The scheduler did not always remove a file descriptor when using the
kqueue interface (STR #3256)
- The scheduler did not protect against bad job control files in all
cases (STR #3253)
- The scheduler did not encode "+" in model names (STR #3254)
- The web interface didn't show the default options (STR #3244)
- The IPP and LPD backends needed print data before they would do an
SNMP query.
- Fixed a GNU TLS compatibility issue (STR #3231)
- Fixed a HTML error in the add and modify printer web interface
templates (STR #3229)
- The scheduler did not minimize the number of printer state events that
were generated by filter STATE: messages, which could lead to poor
performance.
- The USB backend on Mac OS X did not cleanly cancel a job.
- The network backends now set the connecting-to-device printer-state-
reasons value when looking up the address and copying the print data
for consistency.
- The scheduler now supports the com.apple.print.recoverable-warning
reason on all platforms.
CHANGES IN CUPS V1.4rc1
- The PPD compiler documentation was missing information on localization
(STR #3212)
- The IPP backend now reconnects after every request when talking to
printers that claim IPP support but only use HTTP/1.0.
- The PPD compiler crashed when both "Resolution" and "Group foo Option
Resolution" were specified in the .drv file.
- The PPD compiler's #if/#elif/#else/#endif did not work for undefined
variables (STR #3210)
- Static libraries could not be installed by a non-root user on systems
needing a ranlib program (STR #3209)
- The scheduler incorrectly always tried to copy Kerberos credentials
for print jobs.
- Updated the Spanish localization (STR #3204)
- The scheduler crashed when getting the default paper size from
libpaper (STR #3205, STR #3206)
- The PPD compiler now defines six variables: CUPS_VERSION,
CUPS_VERSION_MAJOR, CUPS_VERSION_MINOR, CUPS_VERSION_PATCH,
PLATFORM_NAME, and PLATFORM_ARCH (STR #3203)
- Fixed a whitespace skipping bug in cupsRasterInterpretPPD.
- The scheduler did not return HTTP 403 (Forbidden) for authenticated
users that were not authorized to do IPP operations (STR #3193)
- The scheduler did not report more than 8 Product strings from a PPD
file. Some PPD files have as many as 24.
- ppdOpen*() could crash if a keyword had no value string (something
that cupstestppd looks for...)
- cupsLangDefault() did not return the correct language on Mac OS X.
- The Mac OS X USB backend did not handle aborted or stalled pipe
conditions properly, which prevented drivers from ejecting partial
pages when a job was canceled or held.
CHANGES IN CUPS V1.4b3
- Documentation fixes (STR #3044, STR #3057, STR #3153, STR #3158,
STR #3173)
- Added complete localizations for German, Japanese, Polish, and
Russian and partial localizations for Chinese, Danish, Finnish,
French, Italian, Korean, Norwegian, Portuguese, and Swedish
(STR #3096, STR #3098, STR #3109, STR #3111, STR #3141)
- Updated the configure check for -fstack-protector (STR #3198)
- The network backends now correctly convert SNMP supply descriptions to
UTF-8 encoding as needed.
- The scheduler could crash when deleting an attribute (STR #3197)
- The cups-driverd program did not detect symlink loops (STR #3185)
- The EPSON 24-pin series driver should now feed the correct amount
(STR #2624)
- The scheduler now automatically logs the last N debug messages for
failed print jobs.
- You can now modify a raw print queue (STR #3133)
- Fixed a number of ppdi issues and added a unit test to validate that
ppdc + ppdi can generate and import the same data (STR #3152)
- Moving jobs in the web interface now shows an error if you only have
one printer or class added (STR #3094)
- Since classes have never truly supported the printer-error-policy
stuff added in CUPS 1.2, update the code to reflect the current
reality and support only the retry-current-job policy for now
(STR #3171)
- Revised the password callback support (STR #2953)
- ppdEmit*() did not choose between PageSize and PageRegion properly.
- Make some fairly substantial changes to the Kerberos support code so
that CUPS can work in multi-realm environments and does not require
delegatable credentials. Shared printing still requires delegation,
however "delegation by policy" can be enabled in the KDC to make this
all work.
- "AccessLogLevel actions" did not hide client-error-not-found errors.
- AP_FIRST_InputSlot did not work with number-up.
- cupsBackChannelRead() and cupsBackChannelWrite() could fail due to a
lack of kernel buffers.
- The IPP and LPD backends did not respond to side-channel requests
while copying print data to a temporary file.
- cupsWriteRequestData() flushed the output buffer unnecessarily,
causing reduced performance in some situations.
- If a CGI process died before sending its MIME headers, the request
would hang on the client.
- The printer/class/job search feature on the web interface did not
work (STR #3132)
- The scheduler did not write the printers out for classes.
- CUPS-Get-PPDs did not work properly when filtering by language,
product, or psversion (STR #3136)
- The scheduler now kills job filters when it takes more than 30 seconds
(configurable) to cancel or hold the job.
- The cupstestppd program did not validate the capitalization of
filenames in the PPD file.
- The cupstestppd program did not validate the PageSize and PageRegion
values.
- The cups-deviced helper program could miss reporting some backend
devices (STR #3108)
- The cupsSideChannelSNMP* functions did not work.
- The scheduler could consume 100% CPU when jobs were canceled.
- Clicking on "Select Another Make/Manufacturer" in the web interface
incorrectly added the printer (STR #3095)
- The scheduler no longer uses programs with insecure file
permissions.
- httpAssembleURI*() did not escape backslashes in hostnames.
- The dnssd backend did not unquote "full names" before creating the
device URI.
- The scheduler now supports JobRetryInterval values less than 10
seconds.
- Updated the Spanish localization (STR #3090)
- The scheduler did not redo Bonjour/DNS-SD registrations when updating
them failed.
- The "authenticated" policy incorrectly required authentication for
status operations.
- ppdOpen*() incorrectly loaded PPDs with multiple JobPatchFile
keywords.
- The network backends no longer report the SNMP "offline" or
maintenance status bits since they are inconsistently implemented and
often unreliable.
- The scheduler no longer logs child processes killed via SIGKILL as
"crashed".
- The printer link shown on the "job moved" template was bad (STR #3085)
- Updated the HTML templates to use the final HTML 4 DOCTYPE (STR #3086)
- The scheduler did not track the "paused" reason properly if a
printer had other reasons associated with it.
- cupsSendRequest() did not clear old local certificate auth data.
- The PPD compiler did not search for localization files properly
(STR #3084)
- cupsGetNamedDest() did not use the fallback default like
cupsGetDests*() (STR #3082)
- The scheduler now provides a LogTimeFormat directive to enable
microseconds in the date and time that are logged.
- The scheduler now provides a MultipleOperationTimeout directive to
control the timeout for multi-file print jobs.
- The configure script incorrectly allowed Avahi to be used for DNS-SD
printer discovery (STR #3065)
- The web interface and scheduler did not support URIs up to 1024 bytes
in length (STR #3072)
- Fixed pdftops issues with page sizes (STR #3063)
- Fixed pdftops issues with Ghostscript (STR #3062)
- The scheduler incorrectly registered default profiles for PostScript
printers with no specified colorspace.
- The scheduler incorrectly created an empty org.cups.printers.plist
file on Mac OS X.
- cupsGetPPD3() did not look for local PPDs in the right directory.
- SNMP lookups via side-channel did not work for NULL-VALUE and
and OCTET-STRING OIDs containing nul characters.
- The libusb-based USB backend did not work.
- The scheduler did not set the printer-commands attribute correctly
for some PPDs.
- The ppdi utility did not work.
- The web interface no longer uses multi-part output with old or broken
web browsers (STR #3049)
- CUPS now conforms to the draft IPP/2.0 and IPP/2.1 specification.
- Added a new cupsGetConflicts() API to get a list of conflicting
options.
- The PPD compiler didn't localize options or choices that did not
have associated translation text (STR #3045)
- Updated the Spanish localization (STR #3043)
- Fixed build problems (STR #3040, STR #3047)
- cupsResolveConflicts() did not resolve using the default option
choice in some cases due to the mirror UIConstraints that are
present in most PPD files.
- The scheduler did not honor MIME type priorities.
- The commandtops filter incorrectly used the JCLBegin code to end
its jobs.
- The default BrowseLocalProtocols value was not set properly.
- Since the commandtops filter does not actually support ReportLevels
all on its own, don't list that printer command by default for PS
printers.
- The scheduler did not give filters a chance to log errors or update
printer attributes when a job was canceled.
- The scheduler did not clear the "connecting-to-device" reason keyword
when a job finished.
CHANGES IN CUPS V1.4b2
- Documentation updates (STR #2983, STR #2998, STR #3021)
- The cupstestppd utility now validates the FileVersion and
FormatVersion values in PPD files.
- The default cupsd.conf file did not reflect the
--with-local-protocols value set at compile-time (STR #3037)
- The cupsGetPPD* APIs now create symlinks to local PPD files
rather than copying them whenever possible.
- Various performance optimizations in the string pool, dests, and
options implementations.
- The cupsGetDests* APIs now return the marker and printer-commands
attributes.
- Side-channel SNMP lookups would not work when cupsSNMPSupplies
was set to False in the PPD file.
- Localized the device descriptions for the SCSI, serial,
and network backends (STR #3014)
- Added a Spanish localization (STR #3015)
- Added support for marker-low-levels and marker-high-levels
attributes.
- The scheduler could hang writing a long log line.
- The cupsGetDevices() function now has an "include_schemes"
parameter.
- The lpinfo command now supports --include-schemes and
--exclude-schemes options.
- The CUPS-Get-PPDs operation now supports the include-schemes
and exclude-schemes attributes.
- The CUPS-Get-Devices operation now supports the include-schemes
attribute.
- The print filters now support a replacement for the fitplot
option called "fit-to-page".
- The LPD backend no longer tries to collect page accounting
information since the LPD protocol does not allow us to
prevent race conditions.
- The scheduler did not save the last marker-change-time value.
- Fixed a problem with printing to some IPP printers, including
CUPS 1.1.x.
- Fixed a redirection problem with the printer web page (STR #3012)
- Fixed a PPD compiler problem with the loading of message
catalogs (STR #2990)
- Fixed a PPD compiler problem with the loading of .strings files
(STR #2989)
- The cupsfilter utility did not set the CONTENT_TYPE environment
variable when running filters.
- The scheduler now waits to allow system sleep until the jobs
have all stopped.
- The IPP, LPD, and socket backends used different "connecting"
progress messages.
CHANGES IN CUPS V1.4b1
- Documentation updates (STR #2567)
- The PPD compiler now allows local message catalogs to
override the standard CUPS translations (STR #2642)
- The ppdmerge command did not merge custom option strings
(STR #2863)
- The scheduler now supports the Hold-New-Jobs and
Release-Held-New-Jobs operations; these are exposed via the
cupsdisable and cupsenable commands (STR #2332)
- The lpstat command is now much faster when displaying the
status of a single printer (STR #2843)
- The scheduler now caches information from PPD files to provide
significantly faster startup time with large numbers of PPDs
(STR #1293)
- CUPS-Get-Driver now provides much better driver matching based
on the IEEE-1284 device ID and make/model strings (STR #2707)
- Now support the cupsSNMPSupplies keyword to control whether
the network backends query the SNMP Printer MIB for supply
levels.
- Now support and use a new banner file format for better text
support and easier customization (STR #2490)
- The scheduler now sets the PRINTER_INFO and PRINTER_LOCATION
environment variables from the corresponding IPP attributes.
- The ippRead*() and ippWrite*() functions no longer use a
stack-based buffer (STR #2388)
- The CUPS-Add-Modify-Printer operation now allows you to set
the printer-state-reasons attribute.
- The "set printer options" page now supports auto-configuration
of printer options (STR #1440)
- The web interface now provides an advanced server settings
form.
- The web interface's "modify printer" pages now make it
easier to change just one setting (STR #1919)
- The scheduler now supports a plist PrintcapFormat.
- The scheduler now supports multiple addresses in Allow and
Deny lines, just like Apache (STR #2947)
- Added CUPS_JOBTYPE environment variable for job filters so
they know whether they are printing a banner or document
file (STR #2799)
- Added support for printer filtering by the cupsfilter
command (STR #2562)
- Added a SSLOptions directive to allow Windows clients to
talk to CUPS in FIPS mode (STR #2827)
- Renamed the accept and reject commands to cupsaccept and
cupsreject; the old names are still available (STR #2936)
- The locale/translate utility needed an update to work with
Google (STR #2882)
- The lpstat command now supports a -H option to display the
default server (STR #2833)
- The scheduler now supports a FatalErrors directive to control
which errors should cause the scheduler to exit (STR #2536)
- The scheduler now uses the php-cgi program if it is available
(STR #2923)
- The scheduler now supports a DefaultPaperSize directive
(STR #2848)
- The scheduler now passes the job-originating-host-name
value to filters in the options argument (STR #2558)
- CUPS now supports job tickets in PDF files (STR #2903)
- Added a DBUS notifier (STR #2529)
- The LPD mini-daemon now passes the document name when queuing
print jobs (STR #2482)
- The IPP backend did not relay com.apple.print.recoverable-message
values.
- The scheduler now supports a job-media-progress attribute to
track the progress of individual pages.
- The sample HP driver now supports A5 (STR #2798)
- The CUPS web interface menu item now uses the xdg-open
command, when available (STR #2724)
- The cups-lpd program now supports the -h option (STR #2794)
- The scheduler now sets the PAM_TTY parameter and the
PAM_ESTABLISH_CRED credential flag (STR #2745)
- The scheduler now logs unsuccessful requests to the error_log
file as errors (STR #2616)
- Added support for a "retry-current-job" error policy that
retries the current job immediately when the backend encounters
an error (STR #2555)
- The scheduler now returns a "forbidden" error when a user
correctly authenticates but does not have permission to
continue further (STR #2101)
- The scheduler now loads both the server and CA certificates
(if present) from the ServerCertificate file (STR #2146)
- New RSS subscriptions now create their feed files immediately
(STR #2853)
- Added support for a device-location attribute which provides
the physical location of a printer device.
- Added a cupsBackendReport() API which handles quoting of the
device data by a backend.
- Added support for custom options in the web interface
(STR #1729)
- Added support for Mozilla LDAP, reconnection to LDAP servers,
and improved LDAP performance (STR #1962)
- Added Solaris SMF support (STR #1477)
- Added optional support for using TCP wrappers to limit access
to CUPS (STR #263)
- Added ppdPageSizeLimits API.
- Added support for new cupsMediaQualifier2, cupsMediaQualifier3,
cupsMinSize, and cupsMaxSize attributes.
- Added cupsResolveConflicts and ppdInstallableConflict APIs.
- Added support for new cupsUIConstraints and cupsUIResolver
attributes for better option conflict detection and
resolution.
- Increased the maximum size of 1284 device ID strings to
256 bytes (STR #2877)
- Added an AccessLogLevel directive to cupsd.conf to control
what is logged to the access_log file.
- The default LogLevel is now "warn" instead of "info" to reduce
the amount of logging that is done to disk by default.
- The PPD compiler did not include OID query keywords in PPD
files (STR #2871)
- The cups-driverd helper program now directly supports driver
information files.
- The USB backend now uses libusb when available (STR #1575)
- Added ppdLocalizeAttr function to get the localized version
of an attribute.
- MIME types now support a priority() attribute (STR #2719)
- The standard MIME types are now installed in
DataDir/mime (STR #2719)
- The lpoptions command now describes custom options and
the necessary parameters (STR #2660)
- The ppdmerge program did not support Simplified Chinese
or Traditional Chinese language version strings (STR #2851)
- The PPD compiler now supports localizable attributes
(STR #2738)
- The ppdpo utility now includes cupsIPPReasons values in
the message catalogs it generates (STR #2754)
- The PPD compiler now supports conditional directives
(STR #2636)
- The ppdc utility now supports a "-t" option to test PPD
files (STR #2739)
- The ppdc utility now supports a "-m" option to use the
ModelName value as the output filename.
- The ppdc utility now supports a FileName directive to
set an alternate output filename (STR #2740)
- The side-channel API now supports SNMP queries for the
standard network backends.
- Added a PageLogFormat directive to the cupsd.conf file to
control the format of lines in the page_log file.
- Filters can now send PPD: messages to stderr to set PPD
keywords like DefaultPageSize while a job is printing.
- Added a mdns backend for discovery and printing to printers
that advertise themselves via DNS-SD (Bonjour)
- The ipp, lpd, and socket backends now support DNS-SD service
name resolution.
- The scheduler now uses a single shared file descriptor for
all DNS-SD registrations (STR #2674)
- The ipp, lpd, and socket backends now support SNMP-based
page accounting and supply level monitoring (STR #1655)
- Added support for cupsPJLDisplay attribute to control what
PJL commands are used to display the job information.
- Driver information files can now be installed in
/Library/Printers/PPDs.drv on Mac OS X.
- The CUPS image library now supports reading images larger
than 2GB.
- The scheduler now delays writing config and state files to
reduce disk activity (STR #2684)
- The CUPS-Get-Devices operation now supports the
exclude-schemes and timeout attributes to control which
backends are polled and for how long.
- The cups-deviced helper application now runs backends in
parallel to get the list of devices faster.
- Added --enable-pap configure option.
- The default cupsd.conf file now includes an "authenticated"
policy which requires authentication for remote print jobs.
- Added support for Czech and Hungarian in PPD files
(STR #2735, STR #2736)
- The PPD compiler tools now support Mac OS X .strings files
for localization (STR #2737)
- ppdOpen*() now default the colorspace member to PPD_CS_N
when no DefaultColorSpace attribute is present in the PPD
file.
- The build system has been updated to support separate
installation of data, program, header, and library files.
- All support libraries are now built as shared libraries
by default.
- The scheduler now manages ICC color profiles on Mac OS X.
- The network backends (ipp, lpd, socket) now support
SNMP-based supply and page count monitoring (STR #1655)
- The lppasswd program is no longer installed setuid to
root to make the default installation more secure.
- Added a new ppdLocalizeMarkerName() function to get
the localized version of a marker-names value.
- The scheduler now provides the printer-dns-sd-name
attribute for printers shared via DNS-SD/Bonjour.
- The pdftops filter now executes the Xpdf or poppler
pdftops utility to convert PDF files (STR #1471)
- Bonjour printer registrations now advertise as local or
global based on the current access policies for the
printer.
- cupsGetDests*() and cupsSetDests*() now track the last
used printer preference on Mac OS X.
- Added a new streaming request API (STR #2261)
- Added a new cupsGetNamedDest() function to the CUPS
library for faster printing with lp and lpr (STR #2638)
- The scheduler now sets the PAM RHOST value on systems
that support it (STR #2637)
- The scheduler now sandboxes child processes when
possible.
- The Cancel-Job operation now supports a purge-job
attriibute to purge a specified job.
- ppdEmit* and ppdCollect* now use the NonUIOrderDependency
attributes for custom option selections.
- The web interface now enables/disables the printer
sharing (formerly publishing) controls based on the
server-is-sharing-printers state (STR #2233)
- The scheduler now tracks printer sharing via the
server-is-sharing-printers attribute, and manages LPD
and SMB sharing as well (STR #2233)
- The web interface now allows you to go back to the make/
manufacturer page if there is no matching printer driver
on the model page (STR #2436)
- The printer list now shows the default media, banner, and
duplex options as well as the color and duplex capabilities
of printers (STR #1175)
- The web interface look-n-feel has been updated (STR #2492)
- The scheduler now supports a CUPS-Get-Document operation
that returns the specified print job document (STR #118)
- The cupsfilter utility now supports a "-J jobid" option
to filter the document from the specified job.
- The scheduler (cupsd) now supports a new option (-t) to
do a syntax check of the cupsd.conf file (STR #2003)
- Added new cupsGetPPD3() API to allow applications to
cache PPDs safely (STR #1473)
- Added generic PostScript and PCL printer driver PPDs.
commit log said:
* remove write permission from a set-uid program (checkperms warning).
But it did "chmod -r", and break binary package creation by unprivireged user
because of unreadable file.
* Remove unneeded ${VARS} variable.
* add a blank line after PKGREVISON for readability.
* remove unneeded --with-rcdir and --enable-gnutls=no from CONFIGURE_ARGS.
* reorder part of CONFIGURE_ARGS for a little more readability.
* explicitly enable jpeg/png/tiff.
* change a LOCALBASE reference to PREFIX (pkglint warning).
* remove write permission from a set-uid program (checkperms warning).
* add "set -e" in front of shell for loops (pkglint warning)
* explicitly enable/disable dnssd and gssapi in options.
* exactly disable python and java support same as perl and php
* pdftops filter is installed unconditionally, so change
PKG_OPTIONS_GROUP.pdftops to REQUIRED_GROUP
* xpdf does not install pdftops tool anymore and using it came from
poppler-utils. so deprecate xpdf option and suggest poppler option instead.
* change gs option to ghostscript from option.description.
* exactly select "gs" or "pdftops" and tell its path to configure script.
* change ghostscript dependency from DEPENDS to USE_TOOLS.
* exactly disable gssapi support with "-kerberos" option.
pdftops only seems to be a link to an existing pdftops, so add
an option to use the ones from gs, poppler-utils, or xpdf.
Default to using the one from poppler-utils (adds dependency on that).
Bump PKGREVISION.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
&data issue filed as http://www.cups.org/str.php?L3079 and fixed in
cups svn 28 minutes later.
The deeper issue is that firefox3 defines SHA1_Update in nss and cups
uses openssl and the nss symbol wins; hence any use of RAND_seed
fails.
and CVE-2008-3641. Also, it fixes a ton of bugs and has portability
enhancements. Full list of changes:
- SECURITY: The HP-GL/2 filter did not range check pen numbers
(STR #2911)
- SECURITY: The SGI image file reader did not range check
16-bit run lengths (STR #2918)
- SECURITY: The text filter did not range check cpi, lpi, or
column values (STR #2919)
- Documentation updates (STR #2904, STR #2944)
- The French web admin page was never updated (STR #2963)
- The IPP backend did not retry print jobs when the printer
reported itself as busy or unavailable (STR #2951)
- The "Set Allowed Users" web interface did not handle trailing
whitespace correctly (STR #2956)
- The PostScript filter did not work with Adobe applications
using custom page sizes (STR #2968)
- The Mac OS X USB backend did not work with some printers
that reported a bad 1284 device ID.
- The scheduler incorrectly resolved the client connection
address when HostNameLookups was set to Off (STR #2946)
- The IPP backend incorrectly stopped the local queue if
the remote server reported the "paused" state.
- The cupsGetDests() function did not catch all types of
request errors.
- The scheduler did not always log "job queued" messages
(STR #2943)
- The scheduler did not support destination filtering using
the printer-location attribute properly (STR #2945)
- The scheduler did not send the server-started,
server-restarted, or server-stopped events (STR #2927)
- The scheduler no longer enforces configuration file
permissions on symlinked files (STR #2937)
- CUPS now reinitializes the DNS resolver on failures
(STR #2920)
- The CUPS desktop menu item was broken (STR #2924)
- The PPD parser was too strict about missing keyword
values in "relaxed" mode.
- The PostScript filter incorrectly mirrored landscape
documents.
- The scheduler did not correctly update the
auth-info-required value(s) if the AuthType was Default.
- The scheduler required Kerberos authentication for
all operations on remote Kerberized printers instead
of just for the operations that needed it.
- The socket backend could wait indefinitely for back-
channel data with some devices.
- PJL panel messages were not reset correctly on older
printers (STR #2909)
- cupsfilter used the wrong default path (STR #2908)
- Fixed address matching for "BrowseAddress @IF(name)"
(STR #2910)
- Fixed compiles on AIX.
- Firefox 3 did not work with the CUPS web interface in SSL
mode (STR #2892)
- Custom options with multiple parameters were not emitted
correctly.
- Refined the cupstestppd utility.
- ppdEmit*() did not support custom JCL options (STR #2889)
- The cupstestppd utility incorrectly reported missing
"en" base translations (STR #2887)
- Documentation updates (STR #2785, STR #2861, STR #2862)
- The scheduler did not add the ending job sheet when the
job was released.
- The IPP backend did not relay marker-* attributes.
- The CUPS GNOME/KDE menu item was not localized for
Chinese (STR #2880)
- The CUPS GNOME/KDE menu item was not localized for
Japanese (STR #2876)
- The cupstestppd utility reported mixed line endings for
Mac OS and Windows PPD files (STR #2874)
- The pdftops filter did not print landscape orientation PDF
pages correctly on all printers (STR #2850)
- The scheduler did not handle expiring of implicit classes
or their members properly, leading to a configuration where
one of the members would have a short name (STR #2766)
- The scheduler and cupstestppd utilities did not support
cupsFilter and cupsPreFilter programs with spaces in their
names (STR #2866)
- Removed unused variables and assignments found by the
LLVM "clang" tool.
- Added NULL checks recommended by the LLVM "clang" tool.
- The scheduler would crash if you started a printer that
pointed to a backend that did not exist (STR #2865)
- The ppdLocalize functions incorrectly mapped all generic
locales to country-specific locales.
- The cups-driverd program did not support Simplified Chinese
or Traditional Chinese language version strings (STR #2851)
- Added an Indonesian translation (STR #2792)
- Fixed a timing issue in the backends that could cause data
corruption with the CUPS_SC_CMD_DRAIN_OUTPUT side-channel
command (STR #2858)
- The scheduler did not support "HostNameLookups" with all of
the boolean names (STR #2861)
- Fixed a compile problem with glibc 2.8 (STR #2860)
- The PostScript filter did not support %%IncludeFeature lines
in the page setup section of each page (STR #2831)
- The scheduler did not generate printer-state events when the
default printer was changed (STR #2764)
- cupstestppd incorrectly reported a warning about the PPD format
version in some locales (STR #2854)
- cupsGetPPD() and friends incorrectly returned a PPD file for
a class with no printers.
- The member-uris values for local printers in a class returned
by the scheduler did not reflect the connected hostname or
port.
- The CUPS PHP extension was not thread-safe (STR #2828)
- The scheduler incorrectly added the document-format-default
attribute to the list of "common" printer attributes, which
over time would slow down the printing system (STR #2755,
STR #2836)
- The cups-deviced and cups-driverd helper programs did not set
the CFProcessPath environment variable on Mac OS X (STR #2837)
- "lpstat -p" could report the wrong job as printing (STR #2845)
- The scheduler would crash when some cupsd.conf directives
were missing values (STR #2849)
- The web interface "move jobs" operation redirected users to
the wrong URL (STR #2815)
- The Polish web interface translation contained errors
(STR #2815)
- The scheduler did not report PostScript printer PPDs with
filters as PostScript devices.
- The scheduler did not set the job document-format attribute
for jobs submitted using Create-Job and Send-Document.
- cupsFileTell() did not work for log files opened in append
mode (STR #2810)
- The scheduler did not set QUERY_STRING all of the time
for CGI scripts (STR #2781, STR #2816)
- The scheduler now returns an error for bad job-sheets
values (STR #2775)
- Authenticated remote printing did not work over domain
sockets (STR #2750)
- The scheduler incorrectly logged errors for print filters
when a job was canceled (STR #2806, #2808)
- The scheduler no longer allows multiple RSS subscriptions
with the same URI (STR #2789)
- The scheduler now supports Kerberized printing with
multiple server names (STR #2783)
- "Satisfy any" did not work in IPP policies (STR #2782)
- The CUPS imaging library would crash with very large
images - more than 16Mx16M pixels (STR #2805)
- The PNG image loading code would crash with large images
(STR #2790)
- The scheduler did not limit the total number of filters.
- The scheduler now ensures that the RSS directory has
the correct permissions.
- The RSS notifier did not quote the feed URL in the RSS
file it created (STR #2801)
- The web interface allowed the creation and cancellation
of RSS subscriptions without a username (STR #2774)
- Increased the default MaxCopies value on Mac OS X to
9999 to match the limit imposed by the print dialog.
- The scheduler did not reject requests with an empty
Content-Length field (STR #2787)
- The scheduler did not log the current date and time and
did not escape special characters in request URIs when
logging bad requests to the access_log file (STR #2788)
OKed by jlam.
Changes in 1.3.7
The new release includes three security fixes and several printing and
authentication fixes.
CVE-2008-0047: cgiCompileSearch buffer overflow
CVE-2008-1373: CUPS GIF image filter overflow
Updated the "make check" tests to do a more thorough automated test.
cups-driverd complained about missing directories
cupsaddsmb would leave the Samba username and password on disk if no
Windows drivers were installed
The Linux USB backend used 100% CPU when a printer was disconnected
The sample raster drivers did not properly handle SIGTERM
The scheduler sent notify_post() messages too often on Mac OS X.
Kerberos access to the web interface did not work
The scheduler did not support "AuthType Default" in IPP policies
The scheduler did not support the "HideImplicitMembers" directive as
documented
"make check" didn't return a non-zero exit code on error
The scheduler incorrectly logged AUTH_foo environment variables in
debug mode
The image filters inverted PBM files
cupsctl would crash if the scheduler was not running
The scheduler could crash when printing using a port monitor
The scheduler would crash if PAM was broken
The image filters did not work with some CMYK JPEG files produced by
Adobe applications
The Mac OS X USB backend did not work with printers that did not
report a make or model.
The job-sheets option was not encoded properly
The scheduler incorrectly complained about missing LSB PPD directories.
Changes in 1.3.6
The new release fixes some platform-specific build problems, web
interface issues, PDF and PostScript filter option handling, and a
number of minor bugs discovered during routine code audits.
CUPS 1.2.12 fixes several file typing issues, a bad error message in the
scheduler, a web interface setting problem, and a bug in the PHP language
binding. It also includes an updated Italian translation. Changes include:
* The PHP cups_print_file() function crashed if the options array
contained non-string option values
* The image/tiff file matching rule incorrectly identified some text files
as TIFF files
* The filter(7) man page incorrectly documented the "PAGE: total #-pages"
message
* PCL text files were mis-identified as HP-GL/2 and caused the HP-GL/2
filter to hang
* When printing to a queue with user ACLs, the scheduler incorrectly
returned a quota error instead of a "not allowed to print" error
* cupsaddsmb could get in a loop if no printer drivers were installed
* cupsRasterReadHeader() did not byte-swap the header properly when
compiled with certain versions of GCC.
* The IPP backend did not send the document-format attribute for filtered
jobs
* Some PPD files could cause a crash in ppdOpen2
* The web admin interface incorrectly handled the "share printers" and
"show remote printers" settings
* The scheduler's log messages about AuthClass and AuthGroupName advised
using a replacement directive but had the wrong syntax
* Updated the PostScript/PJL and HP-GL/2 MIME rules to look in the first
4k of the file, not just the first 1k
* Updated the Italian localization
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
CUPS 1.2.11 fixes several build system, printing, PPD, and IPP conformance
issues. It also fixes a crash bug in the scheduler when printing to files
in non-existent directories.
This is based on a suggestion by Yorick Hardy, who reports that it
improved behavior. Without the patch, the cups usb driver tries to
read status from ulpt(4) (for most printers), and this results in no
output.
pkgsrc changes: fix locale path
patch a bug in pstops's n-up handling (reported to upstream)
CUPS 1.2.10 fixes the init script used to start the scheduler, a recursion
bug in the pdftops filter, and several other issues reported after the
1.2.9 release. Changes include:
* ppdLocalize() now supports localizing for Japanese using the "jp" locale
name used by the ppdmerge program from the CUPS DDK 1.1.0
* _cupsAdminSetServerSettings() did not support changing of top-level
directives as designed.
* The init script path check was broken.
* CUPS incorrectly used the attribute "notify-recipient" instead of
"notify-recicpient-uri" in several places
* Fixed a configure script bug on MirBSD
* The pdftops filter did not limit the amount of recursion of page sets
* Custom page sizes with fractional point sizes did not work
* The lpoptions command would crash when adding or removing options on a
system with no printers
CUPS 1.2.9 fixes several printing issues and scheduler crash bug.
Changes include:
* The scheduler did not use the default job-sheets (banners) for implicit
classes
* The scheduler could crash when listing complete jobs that had been
unloaded from memory
* The French localization was doubled up
* Build system fixes for several platforms
* The scheduler's openssl certificate generation code was broken on some
platforms
* The scheduler's log rotation check for devices was broken
* The LPD mini-daemon did not handle the document-format option correctly
* The pdftops filter ignored the "match" size option in the pdftops.conf
file
* cupstestppd now validates UTF-8 text strings in globalized PPD files
* The outputorder=reverse option did not work with all printers
* Classes containing other classes did not always work
* Printer location and description information was lost if the
corresponding string contained the "#" character
* cupsRemoveOption() did not work properly
* The USB backend did not work with some USB to parallel cables on Mac OSX.
* The test page did not print the rulers properly on large media sizes
* The text filter could crash when pretty printing certain types of files
ok'ed jlam a while back.
CUPS 1.2.8 adds a French localization, updates the Japanese and Spanish
localizations, and fixes several web interface, printing, and networking
bugs.
CUPS 1.2.7 adds several Mac OS X improvements, implements timeouts in the
SSL negotiation code, and fixes the bounding box generated by the PostScript
filter, bidirectional support in the USB backend, and another case where the
lpstat command could hang.
CUPS 1.2.6 fixes some compile errors, localization of the web interface on
Mac OS X, bugs in the lpc and lpstat commands, and backchannel support in
the parallel backend.
CUPS 1.2.5 fixes minor printing, networking, and documentation issues and
adds support for older versions of DBUS and a translation for Estonian.
CUPS 1.2.4 fixes a number of web interface, scheduler, and CUPS API
issues.
CUPS 1.2.3 fixes a number of web interface, networking, remote printing,
and CUPS API issues.
CUPS 1.2.2 fixes several build, platform, notification, and printing bugs.
CUPS 1.2.1 fixes several build, platform, and printing bugs.
CUPS 1.2.0 is the first stable feature release in the 1.2.x series and
includes over 90 new features and changes since CUPS 1.1.23, including a
greatly improved web interface and "plug-and-print" support for many local
and network printers.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
CAN-2005-3191
CAN-2005-3192
The fixes were largely copied from xpdf-3.01pl1.patch from foolabs.com;
however, patch-be for Stream.cxx also includes a proper fix for
CAN-2005-3191 which was only partially fixed in the foolabs.com patch.
Bump the PKGREVISION to 4.
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files. Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.
"A vulnerability has been reported in CUPS, which can be exploited by malicious
people to cause a DoS (Denial of Service) on a vulnerable system.
When processing a PDF file, bounds checking was not correctly performed on
some fields. This could cause the pdftops filter (running as user "lp") to
crash."
http://secunia.com/advisories/16380/http://rhn.redhat.com/errata/RHSA-2005-706.html
Patch from RedHat.
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
